Tagged: wireshark

netstat on Linux

Network Forensics Basics : How To Check and Analyze Unexpected Network Traffic On Windows or Linux Machine

So in one previous post, we talked about the importance of using some kind of bandwidth monitoring tool to be able to see bandwidth usage in real time for many reasons… Among those reasons was being able to keep an eye on unexpected bandwidth hoggers which could be malware traffic or unwanted applications, now we will see how to act when an abnormality is observed.

A Needle In A Haystack

Wireshark – How To Easily Find A TCP Session In A Huge Capture File

Troubleshooting a specific TCP session in a Wireshark packet capture should be an easy or difficult task depending on the nature of the problem that’s being investigated, what can be cumbersome is actually finding that session in the middle of a huge capture file or even a running capture with...